Just a follow up to my email earlier. We upgraded our CCA from 4.1.2 to
4.1.6 yesterday evening and it did not go well. Our CAM was not able to
see either of our servers. We opened a TAC case; he tried adding the two
Verisign roots and intermediates from the Server to CAM, but that didn't
work. Ultimately the solution was to go through the process posted by
Nevin Absher, although I'm not sure the TAC was fully aware of it. I
pointed him to the document, and that's what we did. We are upgraded, but
it was dicey!
-Mike
On Mon, 18 Aug 2008, Nathaniel Austin wrote:
Some Verisign roots and intermediates are stored on the CAM so you *may* be
OK. But you may have to import the root and any intermediates from your CAS
onto your CAM.
Nate
Mike Diggins wrote:
Just a question to those who upgraded to 4.1.6 already. I'm confused about
the SSL Certs, although I did update my test system this past weekend
anyway. I see the the CAS no longer has the option to add the SSL cert for
it, presumably I now add all the certs from the CAM. My test environment
uses the "perfigo" cert on both the CAM and CAS. Everything seems to work
after upgrading there.
My production environment has the perfigo cert on the CAM, and a Verisign
cert. on each of my two CAS's. After upgrading, assuming I simply run the
upgrade script, will I be left with a functioning system? In other words,
will the upgrade process automatically pull my two Verisign certs from each
CAS to the CAM?
Note, I'm upgrading from 4.1.2.
-Mike
_________________________________________
Mike Diggins Voice: 905.525.9140 Ext. 27471
Network Analyst, Enterprise Networks FAX: 905.528.3773
University Technology Services E-Mail: [EMAIL PROTECTED]
McMaster University, Hamilton, Ontario
